Hi Arvind, It was pretty simple 'cause I was messing up the users.
Are you running your playbook with root? Which user you set on your hosts as ansible_user? Are you using become inside your playbooks? Also, I stopped using ssh, instead I'm using openstack keypair. And try Dave's suggestion, it's very useful: Hi Fabio, > > I see you found a solution, but this is what I'd recommend doing next time. > > Add -vvv and read the resulting output carefully. You can splice the ssh > command from Ansible back into the shell to work out what is missing or > different to just running ssh@<foo> locally. > > Usually this is because the username is different or you’re using a > different ssh key than expected. > e.g.: > $ ansible-playbook site.yml --diff --check -vvv > > Gathering Facts... > Using module file > /usr/local/lib/python2.7/site-packages/ansible/modules/system/setup.py > <[email protected]> ESTABLISH SSH CONNECTION FOR USER: root > Using module file > /usr/local/lib/python2.7/site-packages/ansible/modules/system/setup.py > <i09.com> SSH: EXEC ssh -F ./ssh_config -o StrictHostKeyChecking=no -o > Port=2200 -o KbdInteractiveAuthentication=no -o > PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey > -o PasswordAuthentication=no -o User=root -o ConnectTimeout=30 -tt i09.com > 'which > -s jailme' > <i09.koan-ci.com> ESTABLISH SSH CONNECTION FOR USER: ansible > <i09.com> SSH: EXEC ssh -F ./ssh_config -o StrictHostKeyChecking=no -o > Port=2200 -o KbdInteractiveAuthentication=no -o > PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey > -o PasswordAuthentication=no -o User=ansible -o ConnectTimeout=30 i09.com > '/bin/sh > -c '"'"'/usr/local/bin/python2.7 && sleep 0'"'"'' > <i09.com> (255, '', 'root@i09com: Permission denied (publickey).\r\n') > And finally, if possible, post your playbook. On Mon, Nov 19, 2018 at 8:14 PM Arvind Thatikonda <[email protected]> wrote: > Hi Fabio, > can you please clarify how you managed to solve it. I created user > ansible, the public keys ID_RSA.pub are stored under /home/ansible/.ssh > folders. the ssh-copy-id should copy to target server - client when I run > ssh-copy-id ansible@privateip. > I create same user name 'ansible' on remote server. > I get permission denied error. > > > On Tuesday, October 9, 2018 at 10:16:26 AM UTC-4, Fabio Gomes Sakiyama > wrote: >> >> Hi Chen, >> >> I manage to solve the problem. I need to pass the public key of a >> different user. In addition, I changed the way to connect to the VMs, since >> I am using openstack, I configured ansible to use the keypair to connect. >> >> Thanks >> >> Em segunda-feira, 8 de outubro de 2018 23:47:35 UTC-3, chenchireddy >> guvvala escreveu: >>> >>> As I am aware Ansible always assumes jobs are running SSH keys either >>> local system or remote system. >>> >>> Thanks. >>> >>> On Tuesday, October 9, 2018 at 7:35:42 AM UTC+5:30, Fabio Gomes Sakiyama >>> wrote: >>>> >>>> Hi Chen, >>>> >>>> I'm aware of ssh-key gen and ssh-copy-id. The ansible module >>>> "authorized_keys" does the ssh-copy-id for me, so I don't need to run it >>>> manually. >>>> >>>> The ssh works because when I execute ''ssh root@myAddress", it works >>>> perfectly. >>>> The problem is when doing exact the same thing, but with ansible. >>>> >>>> >>>> Em segunda-feira, 8 de outubro de 2018 22:48:44 UTC-3, chenchireddy >>>> guvvala escreveu: >>>>> >>>>> Hi, >>>>> >>>>> *ssh-keygen* creates the public and private keys.* ssh-copy-id* copies >>>>> the local-host’s public key to the remote-host’s authorized_keys file. >>>>> ssh-copy-id also assigns proper permission to the remote-host’s home, >>>>> ~/.ssh, and ~/.ssh/authorized_keys. >>>>> >>>>> Check host entry in /etc/host file >>>>> 127.0.0.1 localhost >>>>> >>>>> Check command# ansible localhost -m ping -vv >>>>> >>>>> Thanks. >>>>> >>>>> On Tuesday, October 9, 2018 at 6:52:49 AM UTC+5:30, Fabio Gomes >>>>> Sakiyama wrote: >>>>>> >>>>>> Hello guys, >>>>>> >>>>>> I'm trying to use the ansible_authorized keys to create VMs (with >>>>>> packer and terraform), adding my workspace key to VMs authorized keys. >>>>>> I think it worked because if I execute ''ssh root@myVM", it connects >>>>>> without asking password. >>>>>> >>>>>> But when I execute "ansible all -m ping -u root" to that same host, >>>>>> it fails with the error "sshh fails to connect to host via ssh. >>>>>> Permission >>>>>> denied". >>>>>> >>>>>> I'm really confused and struggling to understand that, since a raw >>>>>> ssh works and the ansible ssh doesn't. >>>>>> >>>>>> What am I missing?? >>>>>> >>>>>> Thanks in advance! >>>>>> >>>>> -- > You received this message because you are subscribed to a topic in the > Google Groups "Ansible Project" group. > To unsubscribe from this topic, visit > https://groups.google.com/d/topic/ansible-project/zE6uQpLdlkE/unsubscribe. > To unsubscribe from this group and all its topics, send an email to > [email protected]. > To post to this group, send email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/ansible-project/20213015-3728-4271-b397-4b4142208a70%40googlegroups.com > <https://groups.google.com/d/msgid/ansible-project/20213015-3728-4271-b397-4b4142208a70%40googlegroups.com?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Ansible Project" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ansible-project/CAA5vnFkBc8hNXKu00K3%2BEoscVW1nmQuqBy3tBTq9u4SrsU9UwQ%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
